考虑在你的配置中定义一个 'org.springframework.security.authentication.AuthenticationManager' 类型的 bean

Posted

技术标签:

【中文标题】考虑在你的配置中定义一个 \'org.springframework.security.authentication.AuthenticationManager\' 类型的 bean【英文标题】:Consider defining a bean of type 'org.springframework.security.authentication.AuthenticationManager' in your configuration考虑在你的配置中定义一个 'org.springframework.security.authentication.AuthenticationManager' 类型的 bean 【发布时间】:2019-02-14 01:27:35 【问题描述】:

我遵循了这里提到的一些建议,但它对我不起作用。因此,把问题放在这里

    How To Inject AuthenticationManager using Java Configuration in a Custom Filter Spring required a bean of type 'AuthenticationManager'

谁能指导我这是什么问题以及如何解决?

错误:

***************************
APPLICATION FAILED TO START
***************************

Description:

Field authenticationManager in com.techprimers.security.springsecurityauthserver.config.AuthorizationServerConfig required a bean of type 'org.springframework.security.authentication.AuthenticationManager' that could not be found.


Action:

Consider defining a bean of type 'org.springframework.security.authentication.AuthenticationManager' in your configuration.

AuthorizationServerConfig.java

@Configuration
@EnableAuthorizationServer
public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter 

    @Autowired
    private AuthenticationManager authenticationManager;

    @Override
    public void configure(AuthorizationServerSecurityConfigurer security) throws Exception 

        security.tokenKeyAccess("permitAll()")
                .checkTokenAccess("isAuthenticated()");
    


    @Override
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception 
        clients
                .inMemory()
                .withClient("ClientId")
                .secret("secret")
                .authorizedGrantTypes("authorization_code")
                .scopes("user_info")
                .autoApprove(true);
    


    @Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception 

        endpoints.authenticationManager(authenticationManager);

ResourceServerConfig.java

@EnableResourceServer
@Configuration
public class ResourceServerConfig extends WebSecurityConfigurerAdapter 


    @Autowired
    @Qualifier("authenticationManagerBean")
    private AuthenticationManager authenticationManager;
    @Autowired
    private UserDetailsService customUserDetailsService;

    @Override
    protected void configure(HttpSecurity http) throws Exception 

        http.requestMatchers()
                .antMatchers("/login", "/oauth/authorize")
                .and()
                .authorizeRequests()
                .anyRequest()
                .authenticated()
                .and()
                .formLogin()
                .permitAll();
    


    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception 
        auth.parentAuthenticationManager(authenticationManager)
                .userDetailsService(customUserDetailsService);

取自https://github.com/TechPrimers/spring-security-oauth-mysql-example的代码参考,仅将Spring Boot Parent版本更新为2.0.4.RELEASE,事情开始崩溃了。

【问题讨论】:

【参考方案1】:

这似乎是 Spring Boot 2.0 引入的“重大变化”之一。我相信Spring Boot 2.0 Migration Guide中描述了您的情况。

在您的WebSecurityConfigurerAdapter 类中,您需要覆盖authenticationManagerBean 方法并使用@Bean 对其进行注释,即:

@Override
@Bean
public AuthenticationManager authenticationManagerBean() throws Exception 
    return super.authenticationManagerBean();

此外,在您的WebSecurityConfigurerAdapter 中,您可以使用authenticationManagerBean() 方法,而不是使用@Autowired 注入AuthenticationManager 实例,即:

@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception 

    auth.parentAuthenticationManager(authenticationManagerBean())
        .userDetailsService(customUserDetailsService);

【讨论】:

请从示例中删除 .parentAuthenticationManager(authenticationManagerBean()) 部分,因为它会导致错误! 我刚刚发现这是导致无限的原因递归最终导致***Exception。每当使用不正确的密码调用 AuthenticationManager.authenticate() 时,就会发生无限递归。这会抛出BadCredentialsException,这会导致由于某种原因再次调用相同的方法。这很可能发生,因为 parentAuthenticationManagerAuthenticationManager 是同一个实例。【参考方案2】: 
just add this to the AuthenticationManagerBuilder

@Override
@Bean
public AuthenticationManager authenticationManagerBean() throws Exception 
    return super.authenticationManagerBean();


and in your controller where you need to use it add this :

 @Autowired
    private AuthenticationManager authenticationManager;

【讨论】:

【参考方案3】:

考虑在你的配置中定义一个“org.springframework.security.core.userdetails.UserDetails”类型的bean。

【讨论】:

以上是关于考虑在你的配置中定义一个 'org.springframework.security.authentication.AuthenticationManager' 类型的 bean的主要内容,如果未能解决你的问题,请参考以下文章

考虑在你的配置中定义一个“javax.persistence.EntityManager”类型的bean

如何在你的在线IDE中配置zsh作为默认shell

考虑在你的下一个Web项目中使用VueJS吧!

在你的网站服务器配置https

基于 Confluence 6 数据中心在你的 Atlassian 应用中配置 SAML 授权

基于 Confluence 6 数据中心在你的 Atlassian 应用中配置 SAML 授权